Cyber Incident Victim: Bassett Furniture Industries
Date:
Jul 2024
Location:
United States of America
Summary
Bassett Furniture Industries experienced a ransomware attack involving unauthorized access to portions of its IT systems, prompting immediate containment measures including system shutdowns and activation of incident response protocols. The threat actor encrypted data files, disrupting operations and forcing the closure of manufacturing facilities while retail stores and e-commerce platforms remained operational with limited order fulfillment capabilities. The company is working to restore impacted systems and implement operational workarounds to mitigate service disruptions, though the incident has caused and is expected to continue having a material operational impact until recovery is complete. No consumer data compromise is currently suspected, but the full scope and potential financial implications remain under investigation.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 10, 2024, Bassett Furniture Industries, Incorporated detected unauthorized activity affecting a portion of its information technology systems. The company immediately initiated containment protocols, including launching an investigation, activating its incident response plan, and deliberately shutting down certain IT infrastructure. The threat actor executed disruptive actions by encrypting data files, directly impairing business operations. As a direct consequence of these containment measures—particularly the system shutdowns—Bassett ceased operations at all manufacturing facilities. Retail stores and the e-commerce platform remained operational, allowing customers to place orders and purchase in-stock merchandise, though order fulfillment capabilities were significantly disrupted due to manufacturing and logistical dependencies on offline systems. The company prioritized restoring affected IT systems and developing operational workarounds to minimize service interruptions for retail, e-commerce, and wholesale customers. Preliminary assessments indicated no compromise of consumer personal information, though comprehensive forensic analysis remained ongoing at the time of disclosure.
The incident caused immediate material disruption to Bassett’s business operations, with the company acknowledging in its July 15, 2024 SEC filing that impacts would likely persist until recovery efforts concluded. Management had not yet determined whether the event would materially affect financial performance, citing the investigation’s preliminary stage. This disclosure coincided with the company reporting a 17% year-over-year revenue decline for Q2 2024 on the same day as the cyberattack. Bassett’s transparency regarding operational materiality contrasted with many contemporaneous SEC filings that minimized incident impacts despite subsequent financial repercussions observed industry-wide. No ransomware group claimed responsibility for the attack by July 16, 2024. With approximately 90 U.S. retail locations, the manufacturing halt exposed vulnerabilities in production-dependent supply chains during cyber disruptions. The filing occurred amid increased regulatory scrutiny under new SEC rules mandating material incident disclosures, highlighting tensions between corporate risk assessments and regulatory expectations regarding cybersecurity’s operational and financial ramifications.